Imgur was notified by Troy Hunt, who runs the data breach notification site Have I Been Pwned. Hunt notified the photo sharing site on Thursday, November 23rd after he was sent data that included the Imgur users.

Imgur’s CEO and its Vice President of Engineering, who securely received the data in order to verify that it was indeed from their users. Imgur did verify that the stolen data does not include information such as real names, addresses, or phone numbers, as the site doesn’t ask its users for such information.

The incident is still under investigation and Imgur CEO Roy Sehgal said that attackers likely cracked the site’s password encryption through “brute force”, due to an older algorithm. The algorithm has since been replaced and updated.

Imgur encourages users to make sure that they are using different password and username combinations on each of their online accounts. Also, it’s a good idea to reset your passwords for each account as well.

In the wake of recent data breaches and ransomware attacks, there are a few things to keep in mind to protect your data, both online and offline:

Stay up to date on software patches

Use a different password for each online account and don’t make any of them the same

Encrypt sensitive files

Back up your files

Cybersecurity is a big deal and a big job. But it is never foolproof. You have to stay vigilant and uncompromising in your security measures. Don’t let hackers take what you’ve worked so hard to build.